CN101808317B - Computer device and method for realizing wireless local area network security measure - Google Patents
Computer device and method for realizing wireless local area network security measure Download PDFInfo
- Publication number
- CN101808317B CN101808317B CN200910078145.2A CN200910078145A CN101808317B CN 101808317 B CN101808317 B CN 101808317B CN 200910078145 A CN200910078145 A CN 200910078145A CN 101808317 B CN101808317 B CN 101808317B
- Authority
- CN
- China
- Prior art keywords
- wapi
- equipment
- local area
- area network
- network card
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The invention provides a computer device and a method for realizing a wireless local area network security measure. The computer device comprises a network card device and a WAPI device independent from the network card device, wherein the WAPI device comprises a wireless local area network authentication infrastructure unit and a wireless local area network privacy infrastructure unit; the wireless local area network authentication infrastructure unit is used for sending a user environment allocation file and WAPI information elements when establishing a link with a wireless access point AP and successfully establishing the link with the AP; the wireless local area network privacy infrastructure unit is used for using an encryption and decryption key to carry out encryption and decryption on network data after the wireless local area network authentication infrastructure unit establishes the link with the AP; the network card device comprises a receiving unit and a forwarding unit; the receiving unit is used for receiving the user environment allocation file and the WAPI information elements from the AP and informing the WAPI device to send the WAPI information elements; and the forwarding unit is used for forwarding the AWPI information elements to the AP. By applying the technology of the embodiment, the process for the computer to carry out encryption and decryption on the network data and the wireless network card are subjected to the layered design so as not to depend on the original wireless network card and reduce dependence on foreign manufacturers.
Description
Technical field
The present invention relates to the network authentication technology, refer to a kind of computer equipment and method that realizes wireless local area network security measure especially.
Background technology
Radio local area network authentication and confidentiality foundation structure (WAPI, WLAN Authentication and PrivacyInfrastructure) is the employing wireless communication technology (WLAN, the Wireless Local Area Network) security solution that proposes in the Chinese WLAN (wireless local area network) standard GB 15629.11.WAPI adopts the elliptic curve cryptography (ECC) of RSA arithmetic of State Secret Code Regulatory Commission Office's approval and the block cipher (SMS4) of privacy key system, has realized identification authentication, link verification, access control and the user profile encipherment protection under transmission of status of equipment.
In existing implementation, based on the certificate mechanism of public key cryptography system, if realize bi-directional authentification between portable terminal (MT) and WAP (wireless access point) (AP); Normally realized by the integrated WAPI function of wireless network card, that is, and hardware vendor oneself or cooperate in wireless network card, to have realized WAPI with other manufacturers.
The inventor is in realizing process of the present invention, find that there are the following problems at least in the prior art: WAPI can not be separated with hardware, limited the developer that is absorbed in the WAPI technology to the development of WAPI technology, and, because WAPI is integrated on the hardware network interface card, causes needing to obtain in the process of the WAPI function being carried out subsequent upgrade the permission of other enterprises.
Summary of the invention
The purpose of this invention is to provide a kind of computer equipment and method that realizes wireless local area network security measure, be used for breaking away from the dependence to overseas enterprise realizing the WAPI technical process, realize the upgrading to the WAPI technology.
In order to address the above problem, on the one hand, the invention provides a kind of computer equipment, include network card equipment, also comprise and described network card equipment WAPI equipment independently mutually, comprise in the described WAPI equipment: the radio local area network authentication infrastructure element is used for sending user environment profile and WAPI information element when setting up link with a wireless access points AP; And when the authorization information received from described AP, successfully set up link with described AP; Wherein, described authorization information is about described WAPI information element and the described AP information that the match is successful; The wireless local area network security foundation structure unit is used for after described radio local area network authentication infrastructure element is set up link with described AP, and use encrypting and decrypting key carries out encryption and decryption to network data; Network card equipment includes receiving element, judging unit, retransmission unit; Wherein, described receiving element be used for to receive described user environment profile and from the WAPI configuration information of described AP; Described judging unit is used for described user environment profile and described WAPI configuration information are compared, when the content in the described user environment profile is included in the described WAPI configuration information, notify described WAPI equipment to send described WAPI information element; Described retransmission unit is used for described WAPI information element is transmitted to described AP, and will notify described WAPI equipment from the described authorization information of described AP.
Preferably, also comprise: user interaction unit is used for receiving user's input, and shows corresponding feedback information; The network configuration user interface elements is used for the input according to described user, notifies described radio local area network authentication infrastructure element to generate a described user environment profile.
Preferably, described radio local area network authentication infrastructure element also comprises: the key agreement unit, be used for and described AP between the described encrypting and decrypting key of dynamic negotiation.
Preferably, described network card equipment also comprises: the first working mode change module, be used for being under the normal mode at described network card equipment, notify described network card equipment that the described network data that will send is encrypted, the described network data that receives is decrypted;
When the content in the described user environment profile is included in the described WAPI configuration information, described network card equipment is set is in safe unloading mode, wherein said safe unloading mode is used for receiving the described WAPI information element that the described WAPI equipment of arrival sends;
Set up after link is connected at described network card equipment and described wireless access points AP, described network card equipment is set is in one by pattern, by under the pattern, described network card equipment no longer is encrypted deciphering to network data described.
Preferably, described wireless local area network security foundation structure unit also comprises: the second working mode change module is used for described wireless local area network security foundation structure unit being set being in non operating state under data detour pattern; Under the secret and safe pattern, the described network data that described wireless local area network security foundation structure unit will receive is set is encrypted deciphering.
On the other hand, the invention provides a kind of method that realizes wireless local area network security measure, be applied to the network card equipment in the computer, comprising: receive the user environment profile from a WAPI equipment; Receive a WAPI configuration information; Described user environment profile and described WAPI configuration information are compared, when the content in the described user environment profile is included in the described WAPI configuration information, notify described WAPI equipment to send the WAPI information element; The WAPI information element that receives is transmitted to a wireless access points AP, receive from the authorization information of described AP and notify described WAPI equipment, thereby guarantee that described WAPI equipment and described AP successfully set up link, make described WAPI equipment will be sent to described AP by described network card equipment behind the network data encryption, wherein, described authorization information is about described WAPI information element and the AP information that the match is successful.
Preferably, describedly receive from the authorization information of AP and notify after the described WAPI device step, also comprise: to being decrypted from described AP and by the network data after the encryption of described network card equipment.
Preferably, describedly receive from the authorization information of described AP and notify described WAPI equipment, also comprise afterwards: and dynamic negotiation encrypting and decrypting key between the described AP.
Preferably, and dynamic negotiation encrypting and decrypting key between the described AP, also comprise: described WAPI equipment is in the data pattern that detours, and the described network data through self is not encrypted deciphering before.
Preferably, and dynamic negotiation encrypting and decrypting key between the described AP, also comprise afterwards: described WAPI equipment is in the secret and safe pattern, and the described network data through self is encrypted deciphering.
Preferably, described user environment profile comprises local area network (LAN) title SSID and the safe mode corresponding with described SSID at least.
The present invention has following beneficial effect: the technology of using present embodiment, encrypting and decrypting process with the data between the computer and network, carried out hierarchical design with wireless network card, and wireless network card does not need redesign and changes, make in the process that realizes WAPI, no longer rely on wireless network card, reduced cost, reduced the dependence to foreign vendor.
Description of drawings
Fig. 1 is embodiment of the invention computer equipment structural representation;
Fig. 2 is the operation principle schematic diagram of equipment in Vista operating system of the embodiment of the invention;
Fig. 3 is embodiment of the invention method flow schematic diagram one;
Fig. 4 is embodiment of the invention method flow schematic diagram two.
Embodiment
For making purpose of the present invention, technical characterictic and implementation result clearer, below in conjunction with the accompanying drawings and the specific embodiments technical scheme of the present invention is described in detail.
Among the embodiment provided by the invention, adopt hierarchy to realize WAPI, that is, a network card equipment 103 (IHV, Independent Hardware Vendor) is realized wireless network card; ((WPI, WLAN Privacy Infrastructure) realizes independently WAPI software kit in one wireless local area network security foundation structure unit 102; Provide complete WAPI function by a small amount of additional interface for computer.
Present embodiment provides a kind of computer equipment, as shown in Figure 1, includes network card equipment 103, also comprises and described network card equipment 103 WAPI equipment 100 independently mutually, comprises in the described WAPI equipment 100:
Radio local area network authentication infrastructure element 101 is used for sending user environment profile (Profile) and WAPI information element when setting up link with a wireless access points AP; And when the authorization information received from described AP, successfully set up link with described AP; Wherein, described authorization information is about described WAPI information element and the described AP information that the match is successful;
Wireless local area network security foundation structure unit 102 is used for using the encrypting and decrypting key that network data is carried out encryption and decryption after described radio local area network authentication infrastructure element 101 is set up link with described AP;
Described receiving element 1031 is used for receiving described user environment profile and from the WAPI configuration information of described AP;
Described judging unit 1032 is used for described user environment profile and described WAPI configuration information are compared, when the content in the described user environment profile is included in the described WAPI configuration information, notify described WAPI equipment 100 to send described WAPI information element;
Described retransmission unit 1033 is used for described WAPI information element is transmitted to described AP, and will notify described WAPI equipment 100 from the described authorization information of described AP.
Use the technology of present embodiment, the network data of transmitting between computer equipment and the network is encrypted the function of deciphering, carried out hierarchical design with network card equipment 103, and wireless network card does not need redesign and changes, make in the process that realizes WAPI, no longer need to hold consultation with the manufacturer that produces network card equipment 103, reduced the dependence to foreign vendor.
Among the embodiment, user environment profile comprises local area network (LAN) title (SSID, Service SetIdentifier also can be written as Extended SSID) and the safe mode corresponding with described SSID at least, and WEP Key, uses information such as frequency range.After network card equipment 103 judges that the corresponding safe mode of described SSID belongs to a kind of secured fashion of WAPI, self enter a safe unloading mode, wait for the WAPI information element that receives from the radio local area network authentication infrastructure element 101 in the WAPI equipment 100, network card equipment 103 removes to seek such wireless network and carries out link and connects, described WAPI information element is issued wireless access points (AP, Access Point); Be used for receiving the authorization information from described AP, described authorization information is about described WAPI information element and the AP information that the match is successful.
Also comprise in the radio local area network authentication infrastructure element 101: the key agreement unit, be used for and AP between dynamic negotiation encrypting and decrypting key.
For improving the function of equipment, as shown in Figure 2, be example with normally used Vista operating system, can also comprise in the computer equipment:
Local dispensing unit (ACM automatically, Auto Configuration Module) 105, can regard a protocol stack as, usually in Windows Vista, use, be used for the transmission course in data, request, instruction, encapsulate the standard that these data, request, instruction make it to meet the current computer system.At least will be encapsulated as the form that current local computer system is supported from the described user environment profile of radio local area network authentication infrastructure element 101, directly or by a wireless intermediary driver element 108 send to network card equipment 103.Need to prove, because local dispensing unit 105 automatically normally uses in Windows Vista, and in the operating system that comprises Windows Vista, also should have EAPFramework (802.1X Module), the corresponding function realization of Native 802.11Media Specific Module agreements such as (MSM) unit.
Wireless intermediary driver element 108 is used for described user environment profile and/or described WAPI information element are sent to described network card equipment 103.Radio local area network authentication infrastructure element 101 sends to a wireless intermediary driver element 108 with described WAPI information element, described wireless intermediary driver element 108 sends to described wireless local area network security foundation structure unit 102 with described WAPI information element, is transmitted to described network card equipment 103 by described wireless local area network security foundation structure unit 102.
Network configuration user interface elements 107, provided by the employed operating system of current computer, interface that the user develops user interaction unit 106 and the application interface function (API) of various functions are provided, and the formed data of the operation of user in user interaction unit 106 have been carried out encapsulation process.
Wireless local area network security foundation structure unit 102 also comprises:
The second working mode change module is used for being in non operating state under non-security mode; Under safe mode, described wireless local area network security foundation structure unit 102 is set the network data that receives is carried out encryption and decryption.
The first working mode change module is used for notifying 103 pairs of network datas that will send of described network card equipment to be encrypted under normal mode, and the network data that receives is decrypted;
Behind the user environment profile of receiving from wireless local area network security foundation structure unit 102, notify described network card equipment 103 to be in safe unloading mode;
Set up after link is connected at network card equipment 103 and AP, notify described network card equipment 103 to be in by pattern (pass-thru mode), by under the pattern, described network card equipment 103 no longer is encrypted deciphering to network data described.
The wireless local area network security measure that using above embodiment provides is realized equipment, is example with normally used Vista operating system, and still as shown in Figure 2, following flow process is followed in each unit in a complete workflow:
In user interaction unit 106, selected the use WLAN according to the pre-arranged procedure, and determined to have generated this moment the network linking request; This network linking request is carried out being sent to a local dispensing unit 105 automatically after the encapsulation process in network configuration user interface elements 107;
The local 105 notice radio local area network authentication infrastructure element 101 of dispensing unit automatically begin to prepare to collect the various configuration informations of local computer;
Radio local area network authentication infrastructure element 101 generates a user environment profile, sends to local dispensing unit 105 automatically, sends to a wireless intermediary driver element 108 after being handled by the automatic dispensing unit 105 in this locality;
After handling, wireless intermediary driver element 108 sends to a wireless local area network security foundation structure unit 102; Because the wireless local area network security foundation structure unit 102 of this moment is in the data pattern (Data Bypass Mode) that detours, therefore directly sent to a network card equipment 103;
After network card equipment 103 is received described user environment profile, know that the current WLAN (wireless local area network) link of carrying out is a kind of link of WAPI mode, then self is placed a safe unloading mode (Security OffloadMode), the link that notice radio local area network authentication infrastructure element 101 is prepared between foundation and the AP;
Radio local area network authentication infrastructure element 101 obtains after the notice, generate a WAPI information element, send to wireless intermediary driver element 108, be transmitted to network card equipment 103 by wireless intermediary driver element 108 by wireless local area network security foundation structure unit 102.
Radio local area network authentication infrastructure element 101 is finished the two-way authentication of STA end with the AP of described network card equipment, and dynamic negotiation encrypting and decrypting key;
Wireless local area network security foundation structure unit 102 under an in running order safe mode, uses the encrypting and decrypting key of described dynamic negotiation that network data is carried out encryption and decryption after radio local area network authentication infrastructure element 101 is set up link with AP.
Among the embodiment provided by the invention, provide a kind of wireless local area network security measure implementation method, be applied to the network card equipment 103 in the computer, as shown in Figure 3, having comprised:
Use the technology of present embodiment, the network data of transmitting between computer equipment and the network is encrypted the function of deciphering, carried out hierarchical design with network card equipment 103, and wireless network card does not need redesign and changes, make in the process that realizes WAPI, no longer need to hold consultation with the manufacturer that produces network card equipment 103, reduced the dependence to foreign vendor.
Above embodiment is executive agent with the network card equipment 103 in the computer, disclosed corresponding technical scheme, below described WAPI equipment 100 is split into radio local area network authentication infrastructure element 101 and wireless local area network security foundation structure unit 102, described at one and complete set up link and network data is encrypted in the process of deciphering, as shown in Figure 4, the flow process of self function is finished in each unit, comprising:
Wherein, user's operation and affirmation behavior have different implementations under different computer environments, and for example in Windows XP and Windows Vista, graphic interface that can be by clicking wireless network link also carry out according to the pre-arranged procedure.
By under the pattern, directly finish WAPI with AP and authenticate and key agreement by described radio local area network authentication infrastructure element 101 described for step 304.;
Use the technology of present embodiment, encrypting and decrypting process with the data between the computer and network, carried out hierarchical design with wireless network card, and wireless network card does not need redesign and changes, make in the process that realizes WAPI, no longer rely on wireless network card, reduced cost, reduced the dependence to foreign vendor.
Send this user environment profile to a network card equipment 103, further comprise:
Described network card equipment 103 uses the link authentication between described WAPI information element realization and the AP, also comprises before:
Radio local area network authentication infrastructure element 101 sends to a wireless intermediary driver element 108 with described WAPI information element, described wireless intermediary driver element 108 sends to described wireless local area network security foundation structure unit 102 with described WAPI information element, is transmitted to described network card equipment 103 by described wireless local area network security foundation structure unit 102.
Described network card equipment 103 is not tested to the described network data of passing through, and described network data is sent to AP.
To and AP between the network data transmitted carry out encryption and decryption, further comprise:
Described network data directly sends to network card equipment 103 after being encrypted by wireless local area network security foundation structure unit 102, is directly connected by link by described network card equipment 103 to send to AP.
Wherein, Profile has comprised that needs connect the service area alias (ESSID of wireless network, ExtendedService Set Identifier) and WEP Key, use information such as frequency range, as Profile of network card equipment 103 loadings, control program will allow network card equipment 103 remove to seek such wireless network and carry out link and connect.
Use the technology of present embodiment, encrypting and decrypting process with the data between the computer and network, carried out hierarchical design with wireless network card, and wireless network card does not need redesign and changes, make in the process that realizes WAPI, no longer rely on wireless network card, reduced cost, reduced the dependence to foreign vendor.
Embodiments of the invention have following beneficial effect, and the realization technology of the realization of WAPI and wireless network card inside is irrelevant; IHV need not change self soft, hardware because of WAPI, only needs to support that a small amount of additional interface can realize the support to WAPI.IHV its soft, the hardware of freely upgrading, ISV its WAPI software of freely upgrading; ISV and IHV need not provide extra resource to the other side; And go for all wireless network cards.
With the encrypting and decrypting process of the data between the computer and network, carried out hierarchical design with wireless network card, and wireless network card does not need redesign and change, make in the process that realizes WAPI, no longer rely on wireless network card, reduced cost, reduced the dependence to foreign vendor.
Should be noted that above embodiment is only unrestricted in order to technical scheme of the present invention to be described, all parameter values can be according to the actual conditions adjustment, and in this rights protection scope.Those of ordinary skill in the art should be appreciated that and can make amendment or be equal to replacement technical scheme of the present invention, and do not break away from the spiritual scope of technical solution of the present invention, and it all should be encompassed in the middle of the claim scope of the present invention.
Claims (11)
1. a computer equipment includes network card equipment, it is characterized in that, also comprise and described network card equipment WAPI equipment independently mutually,
Comprise in the described WAPI equipment:
The radio local area network authentication infrastructure element is used for sending user environment profile and WAPI information element when setting up link with a wireless access points AP; And when the authorization information received from described AP, successfully set up link with described AP; Wherein, described authorization information is about described WAPI information element and the described AP information that the match is successful;
The wireless local area network security foundation structure unit is used for after described radio local area network authentication infrastructure element is set up link with described AP, and use encrypting and decrypting key carries out encryption and decryption to network data;
Network card equipment includes receiving element, judging unit, retransmission unit; Wherein,
Described receiving element be used for to receive described user environment profile and from the WAPI configuration information of described AP;
Described judging unit is used for described user environment profile and described WAPI configuration information are compared, when the content in the described user environment profile is included in the described WAPI configuration information, notify described WAPI equipment to send described WAPI information element;
Described retransmission unit is used for described WAPI information element is transmitted to described AP, and will notify described WAPI equipment from the described authorization information of described AP.
2. equipment according to claim 1 is characterized in that, also comprises:
User interaction unit is used for receiving user's input, and shows corresponding feedback information;
The network configuration user interface elements is used for the input according to described user, notifies described radio local area network authentication infrastructure element to generate a described user environment profile.
3. equipment according to claim 1 is characterized in that, described radio local area network authentication infrastructure element also comprises:
The key agreement unit, be used for and described AP between the described encrypting and decrypting key of dynamic negotiation.
4. equipment according to claim 1 is characterized in that, described network card equipment also comprises:
The first working mode change module is used for being under the normal mode at described network card equipment, notifies described network card equipment that the described network data that will send is encrypted, and the described network data that receives is decrypted;
When the content in the described user environment profile is included in the described WAPI configuration information, described network card equipment is set is in safe unloading mode, wherein said safe unloading mode is used for receiving the described WAPI information element that the described WAPI equipment of arrival sends;
Set up after link is connected at described network card equipment and described wireless access points AP, described network card equipment is set is in one by pattern, by under the pattern, described network card equipment no longer is encrypted deciphering to network data described.
5. equipment according to claim 1 is characterized in that, described wireless local area network security foundation structure unit also comprises:
The second working mode change module is used for described wireless local area network security foundation structure unit being set being in non operating state under data detour pattern; Under safe mode, the described network data that described wireless local area network security foundation structure unit will receive is set is encrypted deciphering.
6. a method that realizes wireless local area network security measure is applied to the network card equipment in the computer, it is characterized in that, comprising:
Receive the user environment profile from a WAPI equipment;
Receive a WAPI configuration information;
Described user environment profile and described WAPI configuration information are compared,
When the content in the described user environment profile is included in the described WAPI configuration information, notify described WAPI equipment to send the WAPI information element;
The WAPI information element that receives is transmitted to a wireless access points AP,
Receive from the authorization information of described AP and notify described WAPI equipment, thereby guarantee that described WAPI equipment and described AP successfully set up link, make described WAPI equipment will be sent to described AP by described network card equipment behind the network data encryption, wherein, described authorization information is about described WAPI information element and the AP information that the match is successful.
7. method according to claim 6 is characterized in that, describedly receives from the authorization information of AP and notifies after the described WAPI device step, also comprises:
To being decrypted from described AP and by the network data after the encryption of described network card equipment.
8. method according to claim 7 is characterized in that, describedly receives from the authorization information of described AP and notifies described WAPI equipment, also comprises afterwards:
And dynamic negotiation encrypting and decrypting key between the described AP.
9. method according to claim 8 is characterized in that, and dynamic negotiation encrypting and decrypting key between the described AP, also comprises before:
Described WAPI equipment is in the data pattern that detours, and the described network data through self is not encrypted deciphering.
10. method according to claim 8 is characterized in that, and dynamic negotiation encrypting and decrypting key between the described AP, also comprises afterwards:
Described WAPI equipment is in safe mode, and the described network data through self is encrypted deciphering.
11. method according to claim 6 is characterized in that,
Described user environment profile comprises local area network (LAN) title SSID and the safe mode corresponding with described SSID at least.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200910078145.2A CN101808317B (en) | 2009-02-18 | 2009-02-18 | Computer device and method for realizing wireless local area network security measure |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200910078145.2A CN101808317B (en) | 2009-02-18 | 2009-02-18 | Computer device and method for realizing wireless local area network security measure |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101808317A CN101808317A (en) | 2010-08-18 |
CN101808317B true CN101808317B (en) | 2013-07-03 |
Family
ID=42609891
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN200910078145.2A Active CN101808317B (en) | 2009-02-18 | 2009-02-18 | Computer device and method for realizing wireless local area network security measure |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101808317B (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105160240B (en) * | 2012-09-20 | 2018-03-20 | 北京奇安信科技有限公司 | A kind of terminal password protection method and device |
CN105392131A (en) * | 2015-10-19 | 2016-03-09 | 上海斐讯数据通信技术有限公司 | Device and method for configuring and managing wireless access point |
CN105471848B (en) * | 2015-11-17 | 2018-07-03 | 无锡江南计算技术研究所 | A kind of ethernet controller enhances safely design method |
CN111614683B (en) * | 2020-05-25 | 2023-01-06 | 成都卫士通信息产业股份有限公司 | Data processing method, device and system and network card |
CN114501512A (en) * | 2022-02-18 | 2022-05-13 | 广东电网有限责任公司 | Network communication system and method |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1581775A (en) * | 2004-05-14 | 2005-02-16 | 上海华曼信息技术有限公司 | Apparatus for realizing wireless LAN safety and working method thereof |
CN1665183A (en) * | 2005-03-23 | 2005-09-07 | 西安电子科技大学 | Key agreement method in WAPI authentication mechanism |
CN1681239A (en) * | 2004-04-08 | 2005-10-12 | 华为技术有限公司 | Method for supporting multiple safe mechanism in wireless local network system |
CN101056177A (en) * | 2007-06-01 | 2007-10-17 | 清华大学 | Radio mesh re-authentication method based on the WLAN secure standard WAPI |
-
2009
- 2009-02-18 CN CN200910078145.2A patent/CN101808317B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1681239A (en) * | 2004-04-08 | 2005-10-12 | 华为技术有限公司 | Method for supporting multiple safe mechanism in wireless local network system |
CN1581775A (en) * | 2004-05-14 | 2005-02-16 | 上海华曼信息技术有限公司 | Apparatus for realizing wireless LAN safety and working method thereof |
CN1665183A (en) * | 2005-03-23 | 2005-09-07 | 西安电子科技大学 | Key agreement method in WAPI authentication mechanism |
CN101056177A (en) * | 2007-06-01 | 2007-10-17 | 清华大学 | Radio mesh re-authentication method based on the WLAN secure standard WAPI |
Also Published As
Publication number | Publication date |
---|---|
CN101808317A (en) | 2010-08-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9585088B2 (en) | Wireless device registration, such as automatic registration of a Wi-Fi enabled device | |
JP3961462B2 (en) | Computer apparatus, wireless LAN system, profile updating method, and program | |
JP4545197B2 (en) | Wireless network system and communication method using the same | |
US20050188219A1 (en) | Method and a system for communication between a terminal and at least one communication equipment | |
US8781131B2 (en) | Key distribution method and system | |
JP2010532107A (en) | Secure transfer of soft SIM credentials | |
US11563730B2 (en) | Method and electronic device for managing digital keys | |
CN101808317B (en) | Computer device and method for realizing wireless local area network security measure | |
CN102143492B (en) | Method for establishing virtual private network (VPN) connection, mobile terminal and server | |
JP2013515301A (en) | Method, system and smart card for realizing general-purpose card system | |
CN106254323A (en) | The exchange method of a kind of TA and SE, TA, SE and TSM platform | |
CN102118385A (en) | Security domain management method and device | |
CN109831775B (en) | Processor, baseband chip and SIM card information transmission method | |
CN107948170A (en) | Interface requests parameter encryption method, device, equipment and readable storage medium storing program for executing | |
CN105975867A (en) | Data processing method | |
CN105325021B (en) | Method and apparatus for remote portable wireless device authentication | |
CN107566112A (en) | Dynamic encryption and decryption method and server | |
CN111404706B (en) | Application downloading method, secure element, client device and service management device | |
CN103227804B (en) | Use the method that account's proxy module connects superuser account command interpreter | |
CN106789000A (en) | A kind of secret phone system and method based on TEE technologies and wearable device | |
CN103259711A (en) | Method and system for communication information transmission | |
CN110636491A (en) | Service-oriented trusted execution module and communication method | |
CN104902473A (en) | Wireless network access authentication method and device based on CPK (Combined Public Key Cryptosystem) identity authentication | |
Vahidian | Evolution of the SIM to eSIM | |
CN1921411B (en) | Method for creating a user equipment split between a terminal equipment and serially connected equipments |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |